The login shell is the last field of a user's /etc/passwd line. Change another user's shell as root with chsh -s:
sudo chsh -s /usr/bin/zsh deploy
Change your own shell
Without a username, chsh changes your own shell (it prompts for your password):
chsh -s /usr/bin/zshusermod does the same thing as root and is the scriptable choice:
sudo usermod -s /usr/bin/zsh deployThe change takes effect at the next login, not in the current shell. To try a shell right now without making it permanent, just run it: zsh.
The shell has to be in /etc/shells
chsh only accepts shells listed in /etc/shells. If yours is missing, chsh refuses it:
cat /etc/shells # the allowed login shells
which zsh # where the shell actually isIf zsh is installed but not listed, add its path to /etc/shells (as root) and chsh will then accept it. usermod -s does not enforce /etc/shells, which is a footgun: it will happily set a path that does not exist and lock the user out of logging in.
Check the current shell
getent passwd deploy | cut -d: -f7 # the shell field for one user
echo "$SHELL" # your own current login shellA nologin shell disables interactive login
Setting the shell to nologin is how you keep a service account from being logged into, while it can still own files and run daemons:
sudo usermod -s /usr/sbin/nologin appsvcThis is also part of locking an account fully.
FAQ
See also
- How to Create a User on Linux: set the shell at creation with -s.
- Lock and unlock a user account: the nologin shell as a lockout.
- Run a command as another user: service accounts with no login shell.
- List users and groups: read the shell field across all accounts.
Sources
Authoritative references this article was fact-checked against.
